Lessons learnt from recent US Samsung data breach

Chad McDonald, CISO at Radiant Logic, shares his views on the importance of strong Identity Access Management principles after the Samsung US data breach.

Samsung recently confirmed it suffered a data breach which led to the personal information of customers being leaked online.

The company revealed that customer data had been compromised on 4 August, following an apparent security incident in the preceding weeks. It also said that an “unauthorized third party" had acquired information from some of Samsung’s US systems, including names, contact information, dates of birth and product registration details. However, no credit card numbers or social security numbers were breached.

A spokesman said in a statement: "Samsung detected the incident and has taken actions to secure the affected systems. As part of our ongoing investigation, we have engaged a leading outside cybersecurity firm and are coordinating with law enforcement. We are notifying customers to make them aware of this matter.

"At Samsung, we value the trust our customers place in our products and services – trust that we have built up over many years. This is why the security and privacy of our customers’ data is of the utmost importance to us, and our products and services are designed and built with this top of mind."

Failure to manage identity data 

Chad McDonald, CISO at Radiant Logic, says that for many organisations, breaches like this are the result of failing to manage identity data and implement strong Identity Access Management principles.

"It is extremely serious that an unauthorised user was able to get their hands on Samsung customers’ personal information," he said.

"Many organisations suffer from identity sprawl, where identity data is spread across different applications which cannot communicate with each other, which ultimately means that systems - and therefore data - is siloed. This poses a huge security risk, with siloed systems increasing the attack surface of an organisation and creating gaps for threat actors to exploit

"Heavily siloed systems result in organisations failing to build complete and accurate user profiles. Security teams then struggle to properly identify users and give them the correct access, ultimately leading to security breaches such as this one on Samsung.

"Organisations need an Identity Access Management solution which can unify and streamline their identity data to provide complete and accurate user profiles. With complete visibility over systems, security teams are then able to properly track who should be accessing what, therefore reducing the risk of a serious breach," he added. 

What is identity managament?

According to cybersecurity company, VMWare, Identity management (IdM), also known as identity and access management (IAM) ensures that authorised people – and only authorised people – have access to the technology resources they need to perform their job functions. It includes polices and technologies that encompass an organisation-wide process to properly identify, authenticate, and authorise people, groups of people, or software applications through attributes including user access rights and restrictions based on their identities.

An identity management system prevents unauthorised access to systems and resources, helps prevent exfiltration of enterprise or protected data, and raises alerts and alarms when access attempts are made by unauthorized personnel or programs, whether from inside or outside the enterprise perimeter.

Identity management solutions not only protect software and data access, they also protect the hardware resources in an enterprise, such as servers, networks, and storage devices from unauthorised access which could lead to a ransomware attack. Identity management has gained importance over the past decade due to the growing number of global regulatory, compliance, and governance mandates that seek to protect sensitive data from exposure of any kind.

IdM and IAM systems generally are part of IT security and IT Data management within the enterprise, and identity and access management tools are widely available for the broad range of devices that users rely on to perform business functions from phones and tablets to desktop computers running Windows, Linux, iOS or Android.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI